mirror of
https://github.com/go-gitea/gitea.git
synced 2026-07-16 11:25:19 +02:00
fix abuses
This commit is contained in:
@@ -471,13 +471,11 @@ func SearchUsers(ctx *context.APIContext) {
|
||||
|
||||
var visible []api.VisibleType
|
||||
visibilityParam := ctx.FormString("visibility")
|
||||
if len(visibilityParam) > 0 {
|
||||
if visibility, ok := api.VisibilityModes[visibilityParam]; ok {
|
||||
visible = []api.VisibleType{visibility}
|
||||
} else {
|
||||
ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("Invalid visibility: \"%s\"", visibilityParam))
|
||||
return
|
||||
}
|
||||
if visibility, ok := api.VisibilityModes[visibilityParam]; ok {
|
||||
visible = []api.VisibleType{visibility}
|
||||
} else if visibilityParam != "" {
|
||||
ctx.APIError(http.StatusUnprocessableEntity, "invalid visibility")
|
||||
return
|
||||
}
|
||||
|
||||
searchOpts := user_model.SearchUserOptions{
|
||||
|
||||
@@ -221,7 +221,7 @@ func checkCanChangeOrgUserStatus(ctx *context.APIContext, targetUser *user_model
|
||||
// allow org owners to change status of members
|
||||
isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
|
||||
if err != nil {
|
||||
ctx.APIError(http.StatusInternalServerError, err.Error())
|
||||
ctx.APIErrorInternal(err)
|
||||
} else if !isOwner {
|
||||
ctx.APIError(http.StatusForbidden, "Cannot change member visibility")
|
||||
}
|
||||
|
||||
@@ -256,7 +256,7 @@ func Create(ctx *context.APIContext) {
|
||||
// "$ref": "#/responses/validationError"
|
||||
form := web.GetForm(ctx).(*api.CreateOrgOption)
|
||||
if !ctx.Doer.CanCreateOrganization() {
|
||||
ctx.APIError(http.StatusForbidden, "")
|
||||
ctx.APIError(http.StatusForbidden, "not allowed to create org")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -239,7 +239,7 @@ func GetPushMirrorByName(ctx *context.APIContext) {
|
||||
ctx.APIErrorInternal(err)
|
||||
return
|
||||
} else if !exist {
|
||||
ctx.APIError(http.StatusNotFound, "")
|
||||
ctx.APIErrorNotFound()
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -458,7 +458,7 @@ func DeletePullReview(ctx *context.APIContext) {
|
||||
return
|
||||
}
|
||||
if !ctx.Doer.IsAdmin && ctx.Doer.ID != review.ReviewerID {
|
||||
ctx.APIError(http.StatusForbidden, "")
|
||||
ctx.APIError(http.StatusForbidden, "no permission to delete comment")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@@ -173,7 +173,7 @@ func Search(ctx *context.APIContext) {
|
||||
opts.Collaborate = optional.Some(true)
|
||||
case "":
|
||||
default:
|
||||
ctx.APIError(http.StatusUnprocessableEntity, fmt.Sprintf("Invalid search mode: \"%s\"", mode))
|
||||
ctx.APIError(http.StatusUnprocessableEntity, "invalid search mode")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user